Rootkit problem with my Inspiron 5100
Started by Brujo, Mar 31 2011 08:50 AM
#16
Posted 10 April 2011 - 01:21 AM

I was about to ask you if you found any Rootkit, virus or malware. What is affecting my computer? It takes time to load Windows, load IE and to detect a wireless connection. Sometimes my keyboard and touch pad (mouse) are not working, and they don't work at the moment. I have to use an external keyboard and mouse. I tried to update my drivers from Dell but I couldn't read the application file. Should I be requesting help in a different part of the forum? Thanks for all the help SEMPAI!
#17
Posted 10 April 2011 - 03:11 AM

Can you please try this first:
1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter (note the space between chkdsk and /r):
chkdsk /r
6. Allow it to complete undisturbed.
7. When completed, type the following bolded text, and press Enter:
exit
It will exit the recovery console.
#18
Posted 10 April 2011 - 07:10 PM

I did the chkdsk /r twice. It found some errors and fixed them. It is slow and now the keyboard and touch pad are working. I also defragmented the HDD. Any more suggestions?
#19
Posted 11 April 2011 - 07:21 AM

Hi Brujo,
So the only problem remaining is that the computer is slow, right?
Please run OTL and click the quick scan button, post the new log for my review.
#20
Posted 11 April 2011 - 10:54 PM

For the moment the touch pad and keyboard are working, but I don't think it's because of something we did or fixed. Just before I got into Windows recovery the computer froze. I turned it off, back on again, and just magically both keyboard and mouse were working. There is something funny about this computer. After being in the garage for almost 4 years, I finally found a recovery disc on the net to fix it, turns out the same as before.
Here is the OTL Log
[2011/03/25 01:55:07 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SLD Codec Selector.lnk
[2011/03/25 01:36:25 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/25 01:36:18 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/25 01:36:17 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/03/25 01:35:17 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/25 01:34:44 | 000,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/25 01:32:15 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 01:32:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/25 01:32:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/03/25 01:32:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/03/25 01:32:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/03/25 01:32:12 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/03/25 01:32:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/25 01:28:32 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/20 17:07:56 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/10 18:14:54 | 112,122,770 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/09 11:31:49 | 001,263,721 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2011/04/09 11:31:19 | 000,133,053 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Jottis scan results.JPG
[2011/04/08 10:53:50 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2011/04/07 20:00:05 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/07 18:29:06 | 004,315,987 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/04/06 14:30:06 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2011/04/06 14:29:39 | 000,293,019 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/03/30 17:19:19 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/03/30 17:19:15 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/03/30 17:18:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/03/30 17:18:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/03/30 17:18:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/03/30 17:18:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/03/30 17:18:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/03/25 16:53:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 14:36:10 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
[2011/03/25 13:22:46 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011/03/25 13:22:46 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011/03/25 13:22:46 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011/03/25 13:22:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011/03/25 13:22:43 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011/03/25 13:22:43 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011/03/25 13:22:43 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011/03/25 13:22:42 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011/03/25 13:22:42 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011/03/25 13:22:42 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011/03/25 13:22:41 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011/03/25 13:22:41 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011/03/25 13:22:41 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011/03/25 13:22:41 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011/03/25 13:22:40 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011/03/25 13:22:40 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011/03/25 13:22:40 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011/03/25 13:22:25 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2011/03/25 13:22:24 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2011/03/25 13:22:24 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2011/03/25 13:22:24 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2011/03/25 13:22:24 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2011/03/25 13:22:24 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2011/03/25 13:22:24 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2011/03/25 13:22:24 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2011/03/25 13:22:24 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2011/03/25 13:22:24 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2011/03/25 13:22:24 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2011/03/25 13:22:10 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011/03/25 13:22:10 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011/03/25 13:22:10 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2011/03/25 13:21:47 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011/03/25 13:21:47 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2011/03/25 13:21:47 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2011/03/25 13:21:47 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2011/03/25 13:21:47 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2011/03/25 13:21:47 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2011/03/25 13:21:40 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2011/03/25 13:21:40 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2011/03/25 13:21:40 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2011/03/25 13:21:40 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2011/03/25 13:21:19 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2011/03/25 13:21:17 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2011/03/25 13:20:52 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011/03/25 13:20:48 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011/03/25 13:20:24 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2011/03/25 13:20:24 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2011/03/25 13:20:23 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2011/03/25 13:20:23 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2011/03/25 13:20:23 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2011/03/25 13:20:23 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2011/03/25 13:20:23 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2011/03/25 13:20:23 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2011/03/25 13:20:23 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2011/03/25 13:20:23 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2011/03/25 13:20:23 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2011/03/25 13:20:23 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2011/03/25 13:20:23 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2011/03/25 13:20:23 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2011/03/25 13:20:23 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2011/03/25 13:20:23 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2011/03/25 13:19:35 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2011/03/25 13:19:12 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2011/03/25 13:19:12 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2011/03/25 13:17:27 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/03/25 13:17:26 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/03/25 13:16:51 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2011/03/25 13:16:51 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2011/03/25 13:16:51 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2011/03/25 13:15:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2011/03/25 13:13:10 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2011/03/25 13:11:41 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2011/03/25 13:11:27 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/03/25 13:09:42 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2011/03/25 13:09:42 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2011/03/25 13:09:42 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2011/03/25 13:09:42 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2011/03/25 13:09:28 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2011/03/25 13:09:25 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2011/03/25 13:09:24 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2011/03/25 13:09:24 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2011/03/25 13:09:13 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2011/03/25 13:09:13 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2011/03/25 13:08:15 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2011/03/25 12:29:26 | 000,005,764 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\root scan.csv
[2011/03/25 08:21:29 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/25 08:20:38 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/03/25 08:20:38 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/03/25 08:20:37 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/03/25 08:20:31 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2011/03/25 01:55:07 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SLD Codec Selector.lnk
[2011/03/25 01:43:13 | 000,072,704 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 01:36:25 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/25 01:36:16 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2011/03/25 01:36:13 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/25 01:36:08 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 01:36:08 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2011/03/25 01:36:04 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk
[2011/03/25 01:36:04 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2011/03/25 01:35:17 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/25 01:34:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/03/25 01:33:58 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/03/25 01:33:37 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/03/25 01:33:30 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/03/25 01:33:30 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/03/25 01:33:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/03/25 01:33:17 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/03/25 01:33:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/03/25 01:32:55 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/03/25 01:32:15 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 01:32:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/03/25 01:32:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/03/25 01:32:13 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/03/25 01:32:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/03/25 01:32:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/03/25 01:32:12 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2011/03/25 01:30:37 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/03/25 01:29:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/03/25 01:29:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/03/25 01:29:33 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/03/25 01:28:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/25 01:27:42 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/03/25 01:27:41 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Explorer.lnk
[2011/03/25 01:27:06 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/03/25 01:27:05 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/03/25 01:27:05 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/03/25 01:27:05 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/03/25 01:27:05 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/03/25 01:27:05 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/03/25 01:27:05 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/03/25 01:27:05 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/03/25 01:27:04 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/03/25 01:27:04 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/03/25 01:27:04 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/03/25 01:27:00 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/03/25 01:26:59 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/03/25 01:26:57 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/03/25 01:26:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/03/24 18:21:38 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/03/24 18:21:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/24 18:21:30 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/03/24 18:21:30 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/03/24 18:21:30 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/03/24 18:21:29 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/03/24 18:21:05 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/03/24 18:20:54 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/03/24 18:20:53 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/03/24 18:20:53 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2011/03/24 18:20:53 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/03/24 18:20:53 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2011/03/24 18:20:53 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2011/03/24 18:20:53 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2011/03/24 18:20:53 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/03/24 18:20:53 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2011/03/24 18:20:53 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2011/03/24 18:20:53 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2011/03/24 18:20:53 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/03/24 18:20:53 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/03/24 18:20:05 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/24 18:19:27 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2011/03/24 18:19:24 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/20 08:35:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/12/20 03:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 03:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/12/14 14:46:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll
[2002/12/14 14:46:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/12/14 14:46:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/12/14 13:46:04 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/11/15 05:11:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/09/03 10:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 10:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 09:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 09:52:00 | 000,432,924 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/03 09:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 09:51:54 | 000,067,714 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/03 09:49:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/09/03 09:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 09:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 09:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 09:30:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
========== LOP Check ==========
[2011/04/07 20:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/04/07 20:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/25 12:03:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/04/07 20:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/25 12:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/04/11 21:37:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
========== Purity Check ==========
< End of report >

Here is the OTL log:
OTL logfile created on: 4/11/2011 9:36:04 PM - Run 5
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
383.00 Mb Total Physical Memory | 77.00 Mb Available Physical Memory | 20.00% Memory free
922.00 Mb Paging File | 662.00 Mb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36.28 Gb Total Space | 27.25 Gb Free Space | 75.12% Space Free | Partition Type: NTFS
Computer Name: TRANSMETAL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/02/17 06:21:58 | 002,190,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/02/11 06:25:52 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/02/08 05:32:52 | 001,025,376 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/08 05:32:46 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2009/03/08 04:31:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedssync.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/15 05:38:06 | 007,421,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
========== Driver Services (SafeList) ==========
DRV - [2011/03/30 17:17:22 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:54:00 | 000,296,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/19 04:32:56 | 000,032,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2003/03/21 10:26:40 | 000,164,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2002/12/17 11:41:36 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/07 22:31:36 | 000,539,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/04/07 19:58:34 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2002/09/03 09:34:19 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/25 01:32:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/10 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2011/04/10 15:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Dell Inc
[2011/04/10 15:35:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/10 15:31:53 | 005,738,952 | ---- | C] (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) -- C:\Documents and Settings\Owner\My Documents\R54631.EXE
[2011/04/10 15:31:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Driver
[2011/04/10 15:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Deployment
[2011/04/09 11:33:09 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\TDSSKiller.exe
[2011/04/07 20:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/04/07 19:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/04/07 19:52:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/04/07 19:27:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/04/06 15:06:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/04/06 13:42:33 | 000,000,000 | ---D | C] -- C:\712ccdbb4162b8320b71
[2011/04/05 21:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2011/04/03 00:28:47 | 000,000,000 | ---D | C] -- C:\8e921d0dbe33533a6ce5c824f77200
[2011/04/03 00:06:07 | 000,000,000 | ---D | C] -- C:\895d0f6cb024d873ae1c
[2011/04/02 21:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PCHealth
[2011/03/30 17:45:12 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 17:43:44 | 000,645,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTS.exe
[2011/03/30 17:19:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/03/30 17:18:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/03/30 17:18:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/03/30 17:18:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/03/30 17:18:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/03/30 17:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/03/30 17:17:22 | 000,134,480 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSDriver.sys
[2011/03/30 16:51:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/25 17:03:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/03/25 17:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/03/25 17:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/03/25 16:58:34 | 000,000,000 | ---D | C] -- C:\e79bbe30f08b99cb9b0d237153795bcc
[2011/03/25 16:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/03/25 16:53:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/25 16:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/25 16:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/25 16:53:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/25 16:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/25 16:12:34 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011/03/25 16:10:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/03/25 15:44:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/25 15:18:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/25 15:18:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/25 15:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/25 15:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/25 14:58:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/25 14:36:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/03/25 14:33:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2011/03/25 14:31:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2011/03/25 14:20:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/03/25 14:19:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/03/25 14:16:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/03/25 14:16:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/03/25 12:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/03/25 12:03:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/25 11:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/25 11:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/03/25 09:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/03/25 08:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/03/25 08:43:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/03/25 08:42:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/03/25 08:36:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/25 08:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/03/25 08:35:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\UserData
[2011/03/25 08:31:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/03/25 08:20:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2011/03/25 08:20:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2011/03/25 08:17:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/03/25 08:13:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/03/25 08:10:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/03/25 08:10:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/03/25 02:07:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/03/25 01:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WinRAR
[2011/03/25 01:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SLD Codec Pack
[2011/03/25 01:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\SLD Codec Pack
[2011/03/25 01:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\WinRAR
[2011/03/25 01:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/03/25 01:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2011/03/25 01:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/03/25 01:36:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/03/25 01:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Identities
[2011/03/25 01:36:08 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/03/25 01:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2011/03/25 01:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2011/03/25 01:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft
[2011/03/25 01:36:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2011/03/25 01:36:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\Cookies
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Templates
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\PrintHood
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\NetHood
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Local Settings
[2011/03/25 01:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop
[2011/03/25 01:35:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/03/25 01:35:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/03/25 01:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/03/25 01:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/03/25 01:35:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/03/25 01:34:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/03/25 01:34:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/03/25 01:32:51 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/03/25 01:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/03/25 01:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/03/25 01:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/03/25 01:32:26 | 000,000,000 | ---D | C] -- C:\DELL
[2011/03/25 01:31:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/03/25 01:31:03 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/03/25 01:31:03 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/03/25 01:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/03/25 01:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/03/25 01:29:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/03/25 01:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/03/25 01:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/03/25 01:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/03/25 01:29:05 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/03/25 01:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/03/25 01:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2011/03/25 01:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/03/25 01:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/03/25 01:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/03/25 01:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/03/25 01:28:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/03/25 01:28:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/03/25 01:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/03/25 01:28:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/03/25 01:28:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/03/25 01:27:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/03/25 01:27:41 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/03/25 01:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/03/25 01:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/03/25 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/03/25 01:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/03/25 01:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/03/25 01:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/03/25 01:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/03/25 01:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/03/25 01:25:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/03/24 18:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/03/24 18:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/03/24 18:21:28 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/03/24 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/03/24 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/03/24 18:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/03/24 18:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/03/24 18:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/03/24 18:20:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/03/24 18:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/03/24 18:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/03/24 18:20:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/03/24 18:20:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/03/24 18:20:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/03/24 18:20:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/03/24 18:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/03/24 18:14:25 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/03/24 18:14:25 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/03/24 18:14:25 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/03/24 18:14:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/04/11 21:37:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
[2011/04/11 21:35:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/11 21:35:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/10 18:14:54 | 112,122,770 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/10 15:32:21 | 005,738,952 | ---- | M] (Xceed Software Inc. 1-450-442-2626 [email protected] www.xceedsoft.com) -- C:\Documents and Settings\Owner\My Documents\R54631.EXE
[2011/04/09 11:32:16 | 001,263,721 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2011/04/09 11:31:19 | 000,133,053 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Jottis scan results.JPG
[2011/04/08 10:53:51 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2011/04/07 20:00:05 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/07 18:29:09 | 004,315,987 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/04/06 14:29:41 | 000,293,019 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/04/06 14:02:38 | 000,432,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/06 14:02:38 | 000,067,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 17:43:47 | 000,645,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTS.exe
[2011/03/30 17:19:19 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/03/30 17:17:22 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\AVGIDSDriver.sys
[2011/03/25 17:26:10 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/25 16:53:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 16:38:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/25 15:47:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/25 14:57:37 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/03/25 14:31:29 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 12:29:26 | 000,005,764 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\root scan.csv
[2011/03/25 08:21:43 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/03/25 08:14:52 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/03/25 01:58:44 | 000,072,704 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 01:55:07 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SLD Codec Selector.lnk
[2011/03/25 01:36:25 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/25 01:36:18 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/25 01:36:17 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/03/25 01:35:17 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/25 01:34:44 | 000,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/25 01:32:15 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 01:32:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/25 01:32:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/03/25 01:32:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/03/25 01:32:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/03/25 01:32:12 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/03/25 01:32:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/25 01:28:32 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/20 17:07:56 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/10 18:14:54 | 112,122,770 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/09 11:31:49 | 001,263,721 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
[2011/04/09 11:31:19 | 000,133,053 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Jottis scan results.JPG
[2011/04/08 10:53:50 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2011/04/07 20:00:05 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/04/07 18:29:06 | 004,315,987 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/04/06 14:30:06 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2011/04/06 14:29:39 | 000,293,019 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/03/30 17:19:19 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/03/30 17:19:15 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/03/30 17:18:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/03/30 17:18:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/03/30 17:18:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/03/30 17:18:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/03/30 17:18:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/03/25 16:53:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 14:36:10 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
[2011/03/25 13:22:46 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011/03/25 13:22:46 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011/03/25 13:22:46 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011/03/25 13:22:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011/03/25 13:22:43 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011/03/25 13:22:43 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011/03/25 13:22:43 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011/03/25 13:22:42 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011/03/25 13:22:42 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011/03/25 13:22:42 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011/03/25 13:22:41 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011/03/25 13:22:41 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011/03/25 13:22:41 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011/03/25 13:22:41 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011/03/25 13:22:40 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011/03/25 13:22:40 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011/03/25 13:22:40 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011/03/25 13:22:25 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2011/03/25 13:22:24 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2011/03/25 13:22:24 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2011/03/25 13:22:24 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2011/03/25 13:22:24 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2011/03/25 13:22:24 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2011/03/25 13:22:24 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2011/03/25 13:22:24 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2011/03/25 13:22:24 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2011/03/25 13:22:24 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2011/03/25 13:22:24 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2011/03/25 13:22:10 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011/03/25 13:22:10 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011/03/25 13:22:10 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2011/03/25 13:21:47 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011/03/25 13:21:47 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2011/03/25 13:21:47 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2011/03/25 13:21:47 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2011/03/25 13:21:47 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2011/03/25 13:21:47 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2011/03/25 13:21:40 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2011/03/25 13:21:40 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2011/03/25 13:21:40 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2011/03/25 13:21:40 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2011/03/25 13:21:19 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2011/03/25 13:21:17 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2011/03/25 13:20:52 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011/03/25 13:20:48 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011/03/25 13:20:24 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2011/03/25 13:20:24 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2011/03/25 13:20:23 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2011/03/25 13:20:23 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2011/03/25 13:20:23 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2011/03/25 13:20:23 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2011/03/25 13:20:23 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2011/03/25 13:20:23 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2011/03/25 13:20:23 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2011/03/25 13:20:23 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2011/03/25 13:20:23 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2011/03/25 13:20:23 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2011/03/25 13:20:23 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2011/03/25 13:20:23 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2011/03/25 13:20:23 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2011/03/25 13:20:23 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2011/03/25 13:19:35 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2011/03/25 13:19:12 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2011/03/25 13:19:12 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2011/03/25 13:17:27 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/03/25 13:17:26 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/03/25 13:16:51 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2011/03/25 13:16:51 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2011/03/25 13:16:51 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2011/03/25 13:15:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2011/03/25 13:13:10 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2011/03/25 13:11:41 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2011/03/25 13:11:27 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/03/25 13:09:42 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2011/03/25 13:09:42 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2011/03/25 13:09:42 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2011/03/25 13:09:42 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2011/03/25 13:09:28 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2011/03/25 13:09:25 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2011/03/25 13:09:24 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2011/03/25 13:09:24 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2011/03/25 13:09:13 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2011/03/25 13:09:13 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2011/03/25 13:08:15 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2011/03/25 12:29:26 | 000,005,764 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\root scan.csv
[2011/03/25 08:21:29 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/25 08:20:38 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/03/25 08:20:38 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/03/25 08:20:37 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/03/25 08:20:31 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2011/03/25 01:55:07 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SLD Codec Selector.lnk
[2011/03/25 01:43:13 | 000,072,704 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 01:36:25 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/25 01:36:16 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2011/03/25 01:36:13 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/25 01:36:08 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 01:36:08 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2011/03/25 01:36:04 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk
[2011/03/25 01:36:04 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2011/03/25 01:35:17 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/25 01:34:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/03/25 01:33:58 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/03/25 01:33:37 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/03/25 01:33:30 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/03/25 01:33:30 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/03/25 01:33:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/03/25 01:33:17 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/03/25 01:33:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/03/25 01:32:55 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/03/25 01:32:15 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 01:32:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/03/25 01:32:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/03/25 01:32:13 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/03/25 01:32:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/03/25 01:32:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/03/25 01:32:12 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2011/03/25 01:30:37 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/03/25 01:29:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/03/25 01:29:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/03/25 01:29:33 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/03/25 01:28:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/25 01:27:42 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/03/25 01:27:41 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Explorer.lnk
[2011/03/25 01:27:06 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/03/25 01:27:05 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/03/25 01:27:05 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/03/25 01:27:05 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/03/25 01:27:05 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/03/25 01:27:05 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/03/25 01:27:05 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/03/25 01:27:05 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/03/25 01:27:04 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/03/25 01:27:04 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/03/25 01:27:04 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/03/25 01:27:00 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/03/25 01:26:59 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/03/25 01:26:57 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/03/25 01:26:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/03/24 18:21:38 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/03/24 18:21:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/24 18:21:30 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/03/24 18:21:30 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/03/24 18:21:30 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/03/24 18:21:29 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/03/24 18:21:05 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/03/24 18:20:54 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/03/24 18:20:53 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/03/24 18:20:53 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2011/03/24 18:20:53 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/03/24 18:20:53 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2011/03/24 18:20:53 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2011/03/24 18:20:53 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2011/03/24 18:20:53 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/03/24 18:20:53 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2011/03/24 18:20:53 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2011/03/24 18:20:53 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2011/03/24 18:20:53 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/03/24 18:20:53 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/03/24 18:20:05 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/24 18:19:27 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2011/03/24 18:19:24 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/20 08:35:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/12/20 03:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 03:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/12/14 14:46:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll
[2002/12/14 14:46:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/12/14 14:46:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/12/14 13:46:04 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/11/15 05:11:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/09/03 10:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 10:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 09:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 09:52:00 | 000,432,924 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/03 09:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 09:51:54 | 000,067,714 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/03 09:49:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/09/03 09:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 09:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 09:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 09:30:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
========== LOP Check ==========
[2011/04/07 20:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/04/07 20:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/25 12:03:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/04/07 20:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/25 12:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/04/11 21:37:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
========== Purity Check ==========
< End of report >
#21
Posted 13 April 2011 - 07:03 AM

Hi,
Did you reset it to factory settings? Is everything OK now? No sign of malware on your log so whatever is causing your problem... it's not because of malware.
I finally found a recovery disc on the net to fix it, turns out the same as before
#22
Posted 13 April 2011 - 10:23 AM

Well, I deleted the partition, created a new one and reinstalled Windows. Prior to this, the computer was experiencing the same problems. The keyboard and touch pad are not working again, it comes and goes. No malware or virus found, so there is something else wrong with my computer. Thanks again for all the help Sempai.
#23
Posted 14 April 2011 - 07:40 AM

Hi Brujo,
I will redirect you to the appropriate forum since this is no longer malware related; we have technical staff there who are more knowledgeable on this kind of problem.
Please create a new topic here -> Windows XP™, 2000, 2003, NT
Note in the new topic that you already reformatted and reinstalled Windows so they know that you're not dealing with malware.
No need to do housekeeping to remove the tools since you already wiped the drive.
Thanks and good luck,
#24
Posted 19 April 2011 - 06:40 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. 
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
